Does anybody know what is the maximum number of Windows Azure Active Directory tenants that can be created per subscription?
There is only one tenant created per subscription. A tenant is an organisation, not a user. See the What is an Azure AD Tenant? MSDN article.
If you are using the free tier, you can create a maximum of 500,000 objects in Windows Azure AD. The default is 150,000; but you can have this limit increased. There is a limit of 10 apps per user.
If you are using the premium service, there is no limit.
See more limitations at the pricing page.
Related
Looking for some official Microsoft documentations about Azure Active Directory tier/license types and its limitations but no luck
Is there Basic tier of Azure Active Directory still available or
retired?
What is maximum number of users can be stored in Azure Active
Directory tier wise?
Tier wise pricing of Azure Active Directory
Tier wise SLA details
Not sure details provided here are still valid & true to consider it as reference.
Basic no longer exists. The Free edition is included with a subscription of a commercial online service, e.g. Azure, Dynamics 365, Intune, and Power Platform.
See Service Limits and Feature Comparison Docs
See Pricing for Azure AD
See Azure AD SLA
I wanted to know if there is any limit on the number of app registrations that can be created under one Tenant or under one root-level management group in Microsoft Azure.
I am trying to make a call to this particular API
https://learn.microsoft.com/en-us/graph/api/serviceprincipal-delta?view=graph-rest-1.0&tabs=http
In order to figure out the upper limit of the number of servicePrincipals that would be returned I need to find out the maximum number of Apps that can be registered for one tenant.
You can check resource limit for Azure here - Azure AD service limits
A maximum of 50,000 Azure AD resources can be created in a single tenant by users of the Free edition of Azure Active Directory by default. If you have at least one verified domain, the default Azure AD service quota for your organization is extended to 300,000 Azure AD resources. Azure AD service quota for organizations created by self-service sign-up remains 50,000 Azure AD resources even after you performed an internal admin takeover and the organization is converted to a managed tenant with at least one verified domain. This service limit is unrelated to the pricing tier limit of 500,000 resources on the Azure AD pricing page. To go beyond the default quota, you must contact Microsoft Support.
A non-admin user can create no more than 250 Azure AD resources. Both active resources and deleted resources that are available to restore count toward this quota. Only deleted Azure AD resources that were deleted fewer than 30 days ago are available to restore. Deleted Azure AD resources that are no longer available to restore count toward this quota at a value of one-quarter for 30 days. If you have developers who are likely to repeatedly exceed this quota in the course of their regular duties, you can create and assign a custom role with permission to create a limitless number of app registrations.
If you're non-admin AD user limit is 250 however you can remove that limit. Please refer here. Azure AD App registration limit for non-admin AD user
What is the maximum number of Applications Registered in Azure B2C active Directory? Is there any limitations? With this I just wanted to understand for how many applications I can provide single Sign on(SSO) for my B2C Users.
An admin creating 10,000 applications should not be an issue here. There is a non-changeable limit of 250 objects created by a non-admin.
On their web page, there is no SLA for accounts less than 50000 or authentication under 50000. I understand that why because it is free. But what if we have small user base but we want SLA?
I understand that why because it is free. But what if we have small user base but we want SLA?
What do you mean about the free? As far as I know, there is no SLA is provided for the Free tier of Azure Active Directory B2C, the SLA describes Microsoft’s commitments for uptime and connectivity. If your B2C can support SLA, you could try this with small users. For the details, you could read SLA for Azure Active Directory B2C.
Direct Azure Customer: There is a free tier available. But for Enterprise Agreement Customer, there is no Free Tier and SLA is effect when there is no Free Tier.
I added for testing purposes Access to Azure Active Directory in Windows Azure. Now I realize there is no button to cancel the subscription:
As discussed here "the underlying directory for Office 365 is Azure Active Directory (AAD). This means that if you have an Office 365 account, you already have a directory -or "tenant"- in AAD."
1) Does this mean that this particular subscription has always been there - just not visible?
2) Can you cancel it?
3) According to the pricing list adding objects is free (Free up to 500,000 objects), Application Enhancements (Preview) and Access Control. At which point would I be billed? (I know Azure generally bills for usage, the question is what counts as the usage in this particular situation)
1) The Azure AD was created when you signed up for Office365. This Azure subscription however was created when you signed up for Azure. Azure subscription is required to manage the many aspects of Azure AD that aren't available in the O365 portal.
2) you can create a support ticket (type billing) to have the subscription cancelled. If it's a free trial subscription it will automatically get cancelled. If it's a pay-as-you-go - it won't cost you anything until you use paid services. Which takes us to your last question ...
3) general Azure AD usage is free. If you need paid services of Azure AD like multi-factor auth for users, application access, self-service password reset you will need to but Azure AD licenses. As a thumb rule - if you haven't turned on multi-factor auth for users and you haven't bought AAD basic or AAD premium licenses - you won't spend any money on Azure AD. The object limit is a cap.
Hope that helps